Not all of the Ubuntu OSes have been affected

Jul 6, 2015 14:27 GMT  ·  By

Canonical has revealed some details in a security notice about a few Oxide vulnerabilities that have been found and repaired in Ubuntu 15.04, Ubuntu 14.10, and Ubuntu 14.04 LTS operating systems.

This is not the first round of patches in Ubuntu for various Oxide issues in this development cycle, and there might be others. For now, users should upgrade their systems when they have the chance. The Ubuntu maintainers have pushed some new packages and they are coming through the regular updating channels.

According to the security notice, "It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions."

This is just one of the problems found. For a more detailed description of the issues, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue. The vulnerability can be fixed if you upgrade your system(s) to the latest liboxideqtcore0 package specific to each distribution. To apply the patch, users can simply run the Update Manager application.

If you don't want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):

code
sudo apt-get update
sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes, and users don't need to reboot their systems in order to complete the process.